package com.sgs.carbon.web.config.security;

import com.sgs.carbon.starter.web.config.WebProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;

/**
 * Security 公共配置
 *
 * @author Dave Liu
 * @date 2021-10-08
 */
@Configuration
public class SecurityConfiguration {

    @Autowired
    private WebProperties webProperties;

    @Bean
    public Customizer<ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry> authorizeRequestsCustomizer() {
        return registry -> {
            // 通用的接口, 可匿名访问
            registry.antMatchers(api("/captcha/**")).anonymous();
        };
    }

    @SuppressWarnings("SameParameterValue")
    private String api(String url) {
        return webProperties.getApiPrefix() + url;
    }

}
